Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/890DDA00DB1C11EFB648A5BB762E951A.roa
File: 890DDA00DB1C11EFB648A5BB762E951A.roa (raw, json)
Hash identifier: gthNOAY6TNkFVk/aTTd1aFUBbQFGyitHXeMeJgXogs8=
Subject key identifier: 62:EF:FD:63:4F:08:B0:96:60:BC:84:B1:8D:D7:8A:27:98:66:35:3F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014962
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/890DDA00DB1C11EFB648A5BB762E951A.roa
Signing time: Sat 25 Jan 2025 13:01:48 +0000
ROA not before: Sat 25 Jan 2025 13:01:44 +0000
ROA not after: Mon 03 Mar 2025 13:01:44 +0000
asID: 49505
IP address blocks: 154.212.31.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84322 (0x14962)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 25 13:01:44 2025 GMT
Not After : Mar 3 13:01:44 2025 GMT
Subject: CN=6794e0bc-6432
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e5:c6:12:ff:d7:13:df:1f:dd:ee:88:08:da:
b7:d0:64:93:41:f4:1c:7b:d6:d2:c3:c4:ac:bd:44:
db:1a:aa:b4:c9:d9:19:92:39:04:61:25:10:3c:e9:
36:14:55:b1:13:20:77:00:03:d5:17:a6:51:02:33:
55:01:7d:96:0c:62:9a:4f:b3:e2:b3:38:1a:8f:07:
c5:5d:05:60:ac:33:86:96:16:18:1a:35:c4:2a:0b:
05:cd:a3:bf:3c:3e:77:10:d0:0e:27:c0:62:f2:0c:
a6:e9:5d:18:d2:8a:89:d3:07:b3:29:70:87:0c:b6:
07:ee:60:f4:76:30:dd:a0:59:c3:44:be:49:3d:22:
2f:ad:95:08:75:e5:61:dc:63:3a:fd:52:d8:8f:7b:
84:91:54:f3:24:3b:7b:0f:0e:73:af:0d:d8:e1:50:
8b:df:78:8f:f8:0d:e1:36:a7:2a:77:b7:f8:f8:1b:
50:7e:9f:bc:54:7a:f2:a0:e5:de:7d:dd:2a:81:29:
a4:76:d0:12:41:5f:ee:d5:0f:5d:e8:58:84:80:97:
66:f0:f3:83:87:cc:5d:51:60:d2:c7:11:a9:89:cf:
d0:6e:f2:3e:d1:92:a7:f8:65:20:73:07:34:53:9c:
84:36:2b:d5:7b:37:7a:5e:39:d8:7b:91:63:fa:88:
22:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:EF:FD:63:4F:08:B0:96:60:BC:84:B1:8D:D7:8A:27:98:66:35:3F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/890DDA00DB1C11EFB648A5BB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.212.31.0/24
Signature Algorithm: sha256WithRSAEncryption
56:8c:91:41:ca:23:86:cb:d3:aa:5c:55:7d:33:7f:31:6a:4b:
a7:57:18:3b:39:f0:f8:14:8d:d3:6a:cb:b3:4e:14:5d:30:ed:
e8:1d:f4:27:30:5e:8a:33:77:b7:35:86:35:aa:f3:05:ba:e4:
ec:e2:69:8e:9a:c1:d9:4a:68:c9:66:bc:5e:f9:48:2e:b4:5d:
60:15:80:f0:73:27:58:4c:06:c9:f9:f6:ba:66:9c:12:cb:c3:
d3:e1:c9:32:c2:a8:4c:0f:2f:74:a2:d5:ea:eb:88:f8:91:dc:
99:6d:df:03:e3:b5:48:19:08:53:19:69:cd:d0:72:d4:de:1a:
82:d2:a6:18:64:2e:27:bd:50:20:1f:62:7d:59:14:f2:86:1c:
05:0a:f8:28:cd:d2:4e:96:96:7a:5e:45:f7:ce:2f:9f:0c:ad:
93:2e:07:e8:17:91:0a:78:67:83:98:b9:57:87:66:52:e8:89:
c5:67:59:74:46:26:0d:7c:b5:80:58:42:49:7a:f9:ab:14:41:
04:17:04:a6:31:ed:c6:32:0a:e3:1b:5c:c0:9f:cd:28:b8:4d:
59:27:e9:e1:9b:3b:99:1c:86:6c:31:5f:a8:3f:c0:f5:53:7e:
a7:14:ab:80:77:70:48:04:b6:9b:27:9c:ea:40:c5:6c:87:d8:
90:23:20:d1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUliMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI1MTMwMTQ0WhcNMjUwMzAzMTMwMTQ0WjAYMRYw
FAYDVQQDEw02Nzk0ZTBiYy02NDMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAquXGEv/XE98f3e6ICNq30GSTQfQce9bSw8SsvUTbGqq0ydkZkjkEYSUQ
POk2FFWxEyB3AAPVF6ZRAjNVAX2WDGKaT7PiszgajwfFXQVgrDOGlhYYGjXEKgsF
zaO/PD53ENAOJ8Bi8gym6V0Y0oqJ0wezKXCHDLYH7mD0djDdoFnDRL5JPSIvrZUI
deVh3GM6/VLYj3uEkVTzJDt7Dw5zrw3Y4VCL33iP+A3hNqcqd7f4+BtQfp+8VHry
oOXefd0qgSmkdtASQV/u1Q9d6FiEgJdm8PODh8xdUWDSxxGpic/QbvI+0ZKn+GUg
cwc0U5yENivVezd6XjnYe5Fj+ogiNQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGLv
/WNPCLCWYLyEsY3XiieYZjU/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84OTBEREEwMERCMUMxMUVGQjY0OEE1QkI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtQfMA0GCSqGSIb3DQEB
CwUAA4IBAQBWjJFByiOGy9OqXFV9M38xakunVxg7OfD4FI3TasuzThRdMO3oHfQn
MF6KM3e3NYY1qvMFuuTs4mmOmsHZSmjJZrxe+UgutF1gFYDwcydYTAbJ+fa6ZpwS
y8PT4ckywqhMDy90otXq64j4kdyZbd8D47VIGQhTGWnN0HLU3hqC0qYYZC4nvVAg
H2J9WRTyhhwFCvgozdJOlpZ6XkX3zi+fDK2TLgfoF5EKeGeDmLlXh2ZS6InFZ1l0
RiYNfLWAWEJJevmrFEEEFwSmMe3GMgrjG1zAn80ouE1ZJ+nhmzuZHIZsMV+oP8D1
U36nFKuAd3BIBLabJ5zqQMVsh9iQIyDR
-----END CERTIFICATE-----
Generated at Thu Mar 13 18:06:21 2025 by rpki-client